/**
 * @Author Lion Shooray 2007-7-28 iTruschina. Co.,Ltd
 * @since 2010-5-27 mao rui
 * @Version 2.4.3
 */

var ieCenrollObject = "<object  width='0' height='0' id='cenroll' codebase='"+contextPath+"/cert/itrus/itruscertctl.cab#version=1,1,2013,801' classid='clsid:DD2257CE-4FEE-455A-AD8B-860BEEE25ED6'></object>"; 
var ffCenrollObject = "<object  width='0' height='0' id='cenroll' type='application/iTrusCertEnroll.CertEnroll.Version.1' ></object>";
if(navigator.userAgent.indexOf("MSIE") > 0||navigator.userAgent.indexOf("rv:11.0")>-1) {
	document.write(ieCenrollObject);
} else {
	var length = navigator.plugins.length
	var check_install_cenroll = 0;
	for(var i=0;i<length;i++){
		var index = (navigator.plugins[i].name).indexOf("iTrusPTA");
		if(index>-1){
			check_install_cenroll++;
			break;
		}
	}
	if(check_install_cenroll>0){
		 document.write(ffCenrollObject);
	}else{
		 window.alert("您没有安装支持firefox的插件,请点击确定下载我们的插件,然后进行安装,firefox才可正常使用!谢谢.");
		 window.location.href = contextPath+'/soft/wskhSetup.exe';
	}
}


/**
 * installCert 安装CA颁发下来的证书
 * @param certChain(mandatory) 包含用户证书及证书链的Base64格式P7字符串
 */
function installCert(certChain) {

	try {
		cenroll.DeleteRequestCert = false;
		cenroll.WriteCertToCSP = true;
		cenroll.acceptPKCS7(certChain);
		return true;
	} catch(e) {
		if(-2147023673 == e.number) {
			alert("您取消了我们为您颁发的数字证书安装，证书安装失败！\n在您还未离开本页面前，您还可以点击“安装数字证书”按钮安装。");
			return false;
		} else if(-2146885628 == e.number) {
			alert("您的证书已经成功安装过了！");
			return false;
		} else {
			alert("安装证书发生错误！\n错误号: " + e.number + "\n错误描述: " + e.description);
			return false;
		}
	}
}

/**
 * installCAChain 安装CA证书链
 * @param cACertSignBufP7(mandatory) PKCS7格式证书链
 */
function installCAChain(cACertSignBufP7) {
    try{
         //cenroll.InstallPKCS7(cACertSignBufP7);acceptPKCS7
    	cenroll.acceptPKCS7(cACertSignBufP7);
    } catch(e) {
    	alert(e.description);
        if(-2147023673 == e.number) {
            return false;
        } else {
            alert("安装证书链时发生错误！\n错误原因：" + e.description + "\n错误代码：" + toHex(e.number));
        }
    }
}

/**
 * findProviders 查询本地计算机的密钥服务提供者，并显示在指定的<select>中
 * @param objProviderList(mandatory) 密钥服务提供者列表<select>对象
 * @param defaultProvider(optional) 缺省密钥服务提供者名称
 * @param allowedProviders(optional) 允许的密钥服务提供者Array
 */
function findProviders(objProviderList, defaultProvider, allowedProviders) {
	
	if(typeof(defaultProvider) == "undefined" || defaultProvider == "")
		defaultProvider = "Microsoft Enhanced Cryptographic Provider v1.0";
	var i = 0; nIndex = 0;
	var providerType = 1;//The default value for this property is 1
	var maxProviderType = 1; //max is 24
	
	var providerName;
	while(providerType <= maxProviderType) {
		i = 0; //从0开始枚举
		cenroll.ProviderType = providerType;
		while(true) {
			try {
				providerName = cenroll.enumProviders(i, 0);
				if(providerName == "" || providerName == null) {
					break;
				}
			} catch(e) {
				break;
			}
			if(providerName.length == 0) {
				break;
			} else {				
				if(typeof(allowedProviders) == "string") {
					if(providerName == allowedProviders) {
						$(objProviderList).append("<option value = " +providerType+ ">" +providerName );
						nIndex++; //总索引
					}
				} else if(typeof(allowedProviders) == "object" && allowedProviders.length > 0) {
					for(var j = 0; j < allowedProviders.length; j++){
						if(providerName == allowedProviders[j]) {
							$(objProviderList).append("<option value = " +providerType+ ">" +providerName );
							nIndex++; //总索引
						}
					}
				} else { //typeof(allowedProviders)=="undefined" || allowedProviders == ""
					$(objProviderList).append("<option value = " +providerType+ ">" +providerName );
					nIndex++; //总索引
				}
				
				if(providerName == defaultProvider)
					objProviderList.selectedIndex = nIndex - 1;
				i++;
			}
		}
		providerType++;
	}
	if(objProviderList.length == 0){
		$(objProviderList).append("<option value = ''>您的电脑上未安装指定USB KEY的驱动程序！");
	}
}
function findProviders1(objProviderList, defaultProvider, allowedProviders) {
	
	if(typeof(defaultProvider) == "undefined" || defaultProvider == "")
		defaultProvider = "Microsoft Enhanced Cryptographic Provider v1.0";
	var i = 0; nIndex = 0;
	var providerType = 1;//The default value for this property is 1
	var maxProviderType = 1; //max is 24
	
	var providerName;
	while(providerType <= maxProviderType) {
		i = 0; //从0开始枚举
		cenroll.ProviderType = providerType;
		while(true) {
			try {
				providerName = cenroll.enumProviders(i, 0);
				if(providerName == "" || providerName == null) {
					break;
				}
			} catch(e) {
				break;
			}
			if(providerName.length == 0) {
				break;
			} else {				
				if(typeof(allowedProviders) == "string") {
					if(providerName == allowedProviders) {
						$(objProviderList).append("<option value = \"" +providerName+ "\">" +providerName );
						nIndex++; //总索引
					}
				} else if(typeof(allowedProviders) == "object" && allowedProviders.length > 0) {
					for(var j = 0; j < allowedProviders.length; j++){
						if(providerName == allowedProviders[j]) {
							$(objProviderList).append("<option value = \"" +providerName+ "\">" +providerName );
							nIndex++; //总索引
						}
					}
				} else { //typeof(allowedProviders)=="undefined" || allowedProviders == ""
					//$(objProviderList).append("<option value = " +providerName+ ">" +providerName );
					$(objProviderList).append("<option value = \"" +providerName+ "\">" +providerName );
					nIndex++; //总索引
				}
				
				if(providerName == defaultProvider)
					objProviderList.selectedIndex = nIndex - 1;
				i++;
			}
		}
		providerType++;
	}
	if(objProviderList.length == 0){
		//加载默认加密程序
		allowedProviders = new Array("Microsoft Enhanced Cryptographic Provider v1.0"
			, "Microsoft Base Cryptographic Provider v1.0"
		);
		$(objProviderList).append("<option value = '1'>"+allowedProviders[0]+"</option><option value = '1'>"+allowedProviders[1]+"</option>");
	}
}
/**
 * genEnrollCSR 申请证书，创建密钥对并生成证书签名请求
 * @param objProviderList(mandatory) 加密服务提供者列表的<select>对象
 * @param cryptFlag(optional)
 *		0x0表示私钥既不可以导出，又不要求强私钥保护
 *		0x1表示私钥可导出，默认值
 *		0x2表示强私钥保护
 *		0x3(0x1|0x2)表示私钥既可以导出，又要求强私钥保护
 */
function genEnrollCSR(objProviderList, cryptFlag) {

	var selectedItem = objProviderList.item(objProviderList.selectedIndex);
	return genKeyAndCSR(selectedItem.text, selectedItem.value, cryptFlag);
}

/**
 * genRenewCSR 更新证书，生成更新证书的证书签名请求
 * @param objProviderList(mandatory) 加密服务提供者列表的<select>对象
 * @param cryptFlag(mandatory)
 *		0x0表示私钥既不可以导出，又不要求强私钥保护
 *		0x1表示私钥可导出，默认值
 *		0x2表示强私钥保护
 *		0x3(0x1|0x2)表示私钥既可以导出，又要求强私钥保护
 * @param objOldCert(mandatory) 要更新的证书对象（PTALib.Certificate）
 */
function genRenewCSR(objProviderList, cryptFlag, objOldCert,useOldKey) {

	var oldCertCSP = objOldCert.CSP; //旧证书CSP
	var providerName, providerType;
	
	if(typeof(objProviderList) == "string") {
		providerName = objProviderList;
		providerType = 1;
	} else if(typeof(objProviderList) == "object") {
		providerName = objProviderList.item(objProviderList.selectedIndex).text;
		providerType = objProviderList.item(objProviderList.selectedIndex).value;
	} else {
		alert("Paramter [objProviderList] is not correct.");
		return "";
	}
	
	var useOldKey = true;
	if(oldCertCSP != providerName) {
		var info = "您选择的密钥服务提供者与您正在更新的证书不匹配！"
			+ "\n如果您点击“确定”，将会生成新的密钥对进行更新，点击“取消”重新选择密钥服务提供者。";

		if(!window.confirm(info)) {
			return "";
		} else
			useOldKey = false;
	}
	if(useOldKey) {
		//使用旧的密钥对，更新后的证书只是更新了证书有效期
		return genKeyAndCSR(providerName, providerType, cryptFlag, objOldCert.KeyContainer);
	} else {
		//生成新的密钥对，更新后的证书不仅更新了证书有效期，而且换了密钥对
		return genKeyAndCSR(providerName, providerType, cryptFlag);
	}	
}

/**
 * genKeyAndCSR()必须包含xenroll_install.js和xenroll_function.js
 * genKeyAndCSR 产生密钥对，并返回证书签名请求CSR
 * @param providerName(mandatory) 密钥服务提供者名称
 * @param providerType(mandatory) 密钥服务提供者类型
 * @param cryptFlag(optional)
 *		0x0表示私钥既不可以导出，又不要求强私钥保护
 *		0x1表示私钥可导出，默认值
 *		0x2表示强私钥保护
 *		0x3(0x1|0x2)表示私钥既可以导出，又要求强私钥保护
 *		0x00008000  表示高安全级别 强制需要输入密码
 * @param keyContainer(optional)
 *		可使用PTALib.Certificate对象的.KeyContainer方法获取原证书的密钥容器
 *		密钥容器名称，更新证书时需要设置，会使用原来的密钥对发出签名请求。
 *		如果在原证书存储在USB KEY中，更新的证书会自动覆盖老证书
 * @return 证书申请请求CSR
 */
function genKeyAndCSR(providerName, providerType, cryptFlag, keyContainer) {

	try {
		cenroll.Reset(); //首先Reset
		cenroll.ProviderName = providerName;
		cenroll.ProviderType = providerType;
		
		var keyflags = 0;
		if(typeof(cryptFlag) != "number") {
			cryptFlag = 0x00000001; //表示私钥可导出，默认值
		}
		keyflags = keyflags | cryptFlag;
		
		if(typeof(keyContainer) == "string" && keyContainer != "") {//适用于更新证书
			cenroll.UseExistingKeySet = true;
			cenroll.ContainerName = keyContainer;
		}
		cenroll.HashAlgorithm = "MD5"; //SHA1
		cenroll.KeySpec = 1;
		
		var csr = "";
		cenroll.GenKeyFlags = 0x08000000 | keyflags; //2048bits
		//objCEnroll.GenKeyFlags = 0x02000000 | keyflags; //512bits，一旦出错，不再尝试512bits的密钥对
		csr = cenroll.createPKCS10("CN=itrus_enroll", "1.3.6.1.5.5.7.3.2");
		return csr.replace(/\r*\n/g, "");
	} catch(e) {
		var keyNotPresent = "指定的密钥服务提供者不能提供服务！可能出现的原因："
				+ "\n1、您没有插入USB KEY，或者插入的USB KEY不能识别。"
				+ "\n2、您的USB KEY还没有初始化。";
		var keyContainerNotPresent = "指定的KeyContainer不能提供服务！\n如果您正在更新证书，请选择原证书的密钥服务提供者(CSP)。";
		if(-2147023673 == e.number //800704C7 User Canceled
		 || -2147418113 == e.number || -2146893795 == e.number //Zhong chao USB key User Canceled when input PIN
		 || -2146434962 == e.number //FT ePass2001 USB key User Canceld
		 ) {
			return "";
		} else if(-2146893802 == e.number) { //80090016
			if(providerName.indexOf("SafeSign") != -1)
				alert(keyNotPresent); //捷德的KEY没插KEY会报这个错误	
			else
				alert(keyContainerNotPresent); //当KeyContainer无法提供服务时，其他KEY会报这个错误
			return "";
		} else if(-2146435060 == e.number //8010000C FTSafe ePass2000没插KEY会报
			|| -2146893792 == e.number //80090020 FEITIAN ePassNG没插KEY会报
			) {
			alert(keyNotPresent); //捷德的KEY没插KEY会报这个错误			
			return "";
		} else if(-2146955245 == e.number) {
			alert("创建新密钥容器错误:0x80081013(00000005)\n提示：请将当前站点加入可信站点！");
			return "";
		}
		else {//创建1024位密钥对或产生CSR时发生其他未知错误，将错误报告给用户
			alert("在证书请求过程中发生错误！\n错误原因：" + e.description + "\n错误代码：" + e.number);
			return "";
		}
	}
}

/**
 * IsValidBrowser 判断是否IE浏览器
 * @return true:是IE，false:不是IE
 */
function IsValidBrowser() {
	var iePos = navigator.userAgent.indexOf("MSIE");
	if(iePos == -1) {
		//不是IE
		return false;
	} else {
		var endStr = navigator.userAgent.substring(iePos + 4, navigator.userAgent.length);
		var ieVersion = parseInt(endStr);
		//alert("IE Version = " + ieVersion);
		if(ieVersion < 4) {
			return false;
		} else {
			return true;
		}
	}
}
/**
 * IsWindowsOfOS 判断是否windows操作系统
 * @return true是windows ； false非windows
 */
function IsWindowsOfOS() {
	if(navigator.userAgent.indexOf("NT") >= 0){
//		判断windows系统
//		navigator.userAgent.substr(navigator.userAgent.indexOf("NT")+3, 3)
//		5.1是windowsXP系统，6.0是Vista系统，6.1是Windows7系统
		return true;
	}else{
		return false;
	}
}

function URLDecode(psEncodeString) 
{
  // Create a regular expression to search all +s in the string
  var lsRegExp = /\+/g;
  // Return the decoded string
  return unescape(String(psEncodeString).replace(lsRegExp, " ")); 
}

function installCertKmc(certSign, certKmc, kmcReq1, kmcReq2, kmcReq3, kmcRep1, kmcRep2, kmcRep3) {
	if( certKmc.length < 1 )
			certKmc = kmcRep2;
	var kmcRep1Arr = kmcRep1.split("&");
	var kmcRep1Map = {};
	for(i = 0 ; i < kmcRep1Arr.length ; i++){
			var nv = kmcRep1Arr[i].split("=");
			kmcRep1Map[nv[0]] = URLDecode(nv[1]);
		//	alert(nv[0] + "\n" + nv[1] + "\n" + kmcRep1Map[nv[0]]);
	}
	try {
	    cenroll.DeleteRequestCert = false;
		cenroll.WriteCertToCSP = true;
		var ret = cenroll.acceptSeal(
						certSign,
						kmcRep1Map["userSeal"],
						certKmc,
						kmcRep1Map["encPrivateKeyUser"],
						kmcRep1Map["userCipher"],
						kmcRep1Map["userIV"]
						);
		return true;
	} catch(e) {
			alert("安装加密证书发生错误！\n错误号: " + e.number + "\n错误描述: " + e.description);
			return false;
	}
}
